Security of admin access

As far as we can tell all SQL and administrative traffic (e.g. cockroach node status or replication configuration) happens over the same port/network interface. Additionally “administrative” access is not authorized in any way. This is potentially problematic from a security perspective as it’s difficult to restrict operational access to the servers without hurting application functionality.

** Note: this is a copy of a community asked question on a different communication channel

Non-SQL administrative commands talk to the admin UI port (8080 by default). We plan on securing that port as well, but until then, the admin UI port can be firewalled off.